一.说明
Device mapper是基于内核的框架,支持Linux上许多高级卷管理技术。Docker中devicemapper存储驱动程序利用此框架的精简配置和快照功能进行镜像和容器管理。
devicemapper驱动程序使用专用于Docker的块设备,并在块级而非文件级进行操作。这些设备通过将物理存储添加到Docker主机来扩展。并且比在操作I系统级别使用文件系统性能更好。
二.配置场景
系统版本:Centos7.1
内核版本:基于3.10.0-229升级至4.20版本
Docker版本:docker-ce 18.09.2版本
问题:这里由于Centos7.1系统默认安装时根文件系统是xfs类型,而且不支持d_type。由于在Docker中,无论是overlay还是overlay2,它们底层文件系统都是overlayfs文件系统。而overlayfs文件系统就会用到d_type。这里如果我们要用到docker的overlay2(xfs文件系统)需要开启d_type。
[root@k8s001 ~]# xfs_info /
meta-data=/dev/mapper/centos-root isize=256 agcount=4, agsize=3276800 blks
= sectsz=512 attr=2, projid32bit=1
= crc=0 finobt=0 spinodes=0
data = bsize=4096 blocks=13107200, imaxpct=25
= sunit=0 swidth=0 blks
naming =version 2 bsize=4096 ascii-ci=0 ftype=0
log =internal bsize=4096 blocks=6400, version=2
= sectsz=512 sunit=0 blks, lazy-count=1
realtime =none extsz=4096 blocks=0, rtextents=0
由上面可知,ftype=0,也就是说xfs文件系统不支持d-type。(如果是ftype=1,表示支持d_type)
这里我们介绍下xfs文件系统的d_type:
d_type是Linux内核的一个术语,表示"目录条目类型",而目录条目,其实是文件系统上目录信息的一个数据结构。d_type就是这个数据结构的一个字段,这个字段用来表示文件的类型,是文件还是管道,还是目录或套接字等。
d_type从Linux2.6内核开始已经支持,只不过虽然Linux内核支持,但有些文件系统实现了d_type,有些却没有实现,有些是选择性的实现。也就是需要用户自己用额外的参数来决定是否开启d_type的支持。
问题解决:这里由于系统已经安装好,且安装好的文件系统不支持d_type,这里要么重新安装Centos7.5以上的版本来支持d_type,要么选择devicemapper存储驱动。
三.devicemapper
这里我们选用devicemapper时,可以配置:
- loop-lvm模式
- direct-lvm模式
3.1 loop-lvm模式
默认Centos7下Docker使用的loop-lvm模式。后端为自动生成的稀疏文件:
[root@k8s001 ~]# ls -lsh /var/lib/docker/devicemapper/devicemapper/
total 3.5G
3.5G -rw------- 1 root root 100G Nov 13 11:00 data
4.6M -rw------- 1 root root 2.0G Nov 13 11:00 metadata
其中data(存放数据)和metadata(存放元数据),我们可以从输出来看,初始化默认配置为100G和2G大小,都是稀疏文件,使用多少占用多少。
Docker在初始化的过程中,会创建data和metadata这两个稀疏文件,并分别附加到回环设备/dev/loop0和/dev/loop1上,然后给予回环设备创建thin pool,默认一个container最大存放数据不超过10G。
[root@k8s001 ~]# docker info
Client:
Debug Mode: false
Server:
Containers: 16
Running: 6
Paused: 0
Stopped: 10
Images: 22
Server Version: 18.09.2
Storage Driver: devicemapper
Pool Name: docker-253:0-67339311-pool
Pool Blocksize: 65.54kB
Base Device Size: 10.74GB
Backing Filesystem: xfs
Udev Sync Supported: true
Data file: /dev/loop0
Metadata file: /dev/loop1
Data loop file: /var/lib/docker/devicemapper/devicemapper/data
Metadata loop file: /var/lib/docker/devicemapper/devicemapper/metadata
Data Space Used: 3.777GB
Data Space Total: 107.4GB
Data Space Available: 42.06GB
Metadata Space Used: 21.28MB
Metadata Space Total: 2.147GB
Metadata Space Available: 2.126GB
Thin Pool Minimum Free Space: 10.74GB
Deferred Removal Enabled: true
Deferred Deletion Enabled: true
Deferred Deleted Device Count: 0
Library Version: 1.02.149-RHEL7 (2018-07-20)
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
Volume: local
Network: bridge host macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
Swarm: inactive
Runtimes: runc nvidia
Default Runtime: runc
Init Binary: docker-init
containerd version: b34a5c8af56e510852c35414db4c1f4fa6172339
runc version: 3e425f80a8c931f88e6d94a8c831b9d5aa481657
init version: fec3683
Security Options:
seccomp
Profile: default
Kernel Version: 4.20.13-1.el7.elrepo.x86_64
Operating System: CentOS Linux 7 (Core)
OSType: linux
Architecture: x86_64
CPUs: 4
Total Memory: 7.79GiB
Name: k8s001.wf
ID: DWXA:MYGC:6VKO:TIFS:UGTT:EG3E:UVVU:YUZ5:ZL36:HYX6:XTDE:SRZV
Docker Root Dir: /var/lib/docker
Debug Mode: false
Registry: https://index.docker.io/v1/
Labels:
Experimental: false
Insecure Registries:
127.0.0.0/8
Live Restore Enabled: false
Product License: Community Engine
查看系统的块设备:
[root@k8s001 ~]# lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
loop1 7:1 0 2G 0 loop
└─docker-253:0-67339311-pool 253:3 0 100G 0 dm
├─docker-253:0-67339311-03563554f7c7b1ca35c0023fbe6c4f67c62dcf6b5a45ef9a39dc693baff1b24e 253:8 0 10G 0 dm /var/lib/docker/devicemapper/mnt/03563554f7c7b1ca35c002
├─docker-253:0-67339311-c3321ce74e90d9df08793b808c79e1c637cfbfd7e70a74f55933b3f41a56e49a 253:6 0 10G 0 dm /var/lib/docker/devicemapper/mnt/c3321ce74e90d9df08793b
├─docker-253:0-67339311-216e260231a30f484a10a28288509819cf0c7492b27c3bf03394b1932cb637b3 253:4 0 10G 0 dm /var/lib/docker/devicemapper/mnt/216e260231a30f484a10a2
├─docker-253:0-67339311-379abc2c8d2e1f163592595b102fafef869e48c440f7da7b6591d55742640531 253:9 0 10G 0 dm /var/lib/docker/devicemapper/mnt/379abc2c8d2e1f16359259
├─docker-253:0-67339311-24229ad0cba2615ed61273d19673659483018bf7c674c0002f04c7492bf5b720 253:7 0 10G 0 dm /var/lib/docker/devicemapper/mnt/24229ad0cba2615ed61273
└─docker-253:0-67339311-fa5c09702c932d386cc618d54a90c261b4aac5d3e593dac7d60545957cee85e2 253:5 0 10G 0 dm /var/lib/docker/devicemapper/mnt/fa5c09702c932d386cc618
sr0 11:0 1 1024M 0 rom
loop0 7:0 0 100G 0 loop
└─docker-253:0-67339311-pool 253:3 0 100G 0 dm
├─docker-253:0-67339311-03563554f7c7b1ca35c0023fbe6c4f67c62dcf6b5a45ef9a39dc693baff1b24e 253:8 0 10G 0 dm /var/lib/docker/devicemapper/mnt/03563554f7c7b1ca35c002
├─docker-253:0-67339311-c3321ce74e90d9df08793b808c79e1c637cfbfd7e70a74f55933b3f41a56e49a 253:6 0 10G 0 dm /var/lib/docker/devicemapper/mnt/c3321ce74e90d9df08793b
├─docker-253:0-67339311-216e260231a30f484a10a28288509819cf0c7492b27c3bf03394b1932cb637b3 253:4 0 10G 0 dm /var/lib/docker/devicemapper/mnt/216e260231a30f484a10a2
├─docker-253:0-67339311-379abc2c8d2e1f163592595b102fafef869e48c440f7da7b6591d55742640531 253:9 0 10G 0 dm /var/lib/docker/devicemapper/mnt/379abc2c8d2e1f16359259
├─docker-253:0-67339311-24229ad0cba2615ed61273d19673659483018bf7c674c0002f04c7492bf5b720 253:7 0 10G 0 dm /var/lib/docker/devicemapper/mnt/24229ad0cba2615ed61273
└─docker-253:0-67339311-fa5c09702c932d386cc618d54a90c261b4aac5d3e593dac7d60545957cee85e2 253:5 0 10G 0 dm /var/lib/docker/devicemapper/mnt/fa5c09702c932d386cc618
sda 8:0 0 300G 0 disk
├─sda2 8:2 0 299.5G 0 part
│ ├─centos-swap 253:1 0 7.9G 0 lvm
│ ├─centos-home 253:2 0 241.6G 0 lvm /home
│ └─centos-root 253:0 0 50G 0 lvm /
└─sda1 8:1 0 500M 0 part /boot
由于loop-lvm模式从性能和文档上来看都不可靠,这种模式仅适用于测试环境,不建议在生产环境使用。
3.2 direct-lvm模式
生产模式下,使用devicemapper存储驱动程序的主机必须使用direct-lvm模式,此模式使用块设备来创建精简池,这里使用loop-lvm设备更快,更有效的使用系统资源,并且块设备可以根据需要进行扩增。
3.2.1 配置direct-lvm模式
这里我们需要给系统添加一块磁盘,比如添加一块500G的数据盘。
- 停止Docker服务
[root@k8s001 ~]# systemctl stop docker
- 将整块硬盘创建物理卷
[root@k8s001 ~]# pvcreate /dev/sdb
- 创建dockervg的卷组(VG)
[root@k8s001 ~]# vgcreate dockervg /dev/sdb
- 创建thinpool逻辑卷
[root@k8s001 ~]# lvcreate --wipesignatures y -n thinpool -l 70%VG dockervg
[root@k8s001 ~]# lvcreate --wipesignatures y -n thinpoolmeta -l 5%VG dockervg
[root@k8s001 ~]# lvscan
ACTIVE '/dev/dockervg/thinpool' [<300.00 GiB] inherit
ACTIVE '/dev/centos/swap' [<7.88 GiB] inherit
ACTIVE '/dev/centos/home' [241.57 GiB] inherit
ACTIVE '/dev/centos/root' [50.00 GiB] inherit
- 转换成thinpool
[root@k8s001 ~]# lvconvert -y --zero n -c 512K --thinpool dockervg/thinpool --poolmetadata dockervg/thinpoolmeta
- 查看thinpool状态
[root@k8s001 ~]# lvs -o lv_name,data_percent,metadata_percent,lv_size,lv_metadata_size,data_lv,metadata_lv
LV Data% Meta% LSize MSize Data Meta
home 241.57g
root 50.00g
swap <7.88g
thinpool 1.63 0.29 <300.00g <6.00g [thinpool_tdata] [thinpool_tmeta]
说明:这里LSize为data的空间大小,MSize为Metadata的空间大小,Data为Data对应的逻辑卷,Meta为MetaData对应逻辑卷。
扩展thinpool(根据实际情况进行):
上面的sdb盘我们并没有将空间全部使用完,这里如果Metadata或Data空间不足时,我们可以进行扩容。例如:
# 扩容metadata的大小
[root@k8s001 ~]# lvresize -L +1G /dev/mapper/dockervg-thinpool_tmeta
# 扩容data的大小
[root@k8s001 ~]# lvresize -L +5G /dev/mapper/dockervg-thinpool
- 备份删除原Docker目录
[root@k8s001 ~]# mkdir /var/lib/docker_bak
[root@k8s001 ~]# mv /var/lib/docker/* /var/lib/docker_bak
- 修改Dokcer启动参数
[root@k8s001 ~]# cat /etc/docker/daemon.json
{
"storage-driver": "devicemapper",
"storage-opts": [
"dm.thinpooldev=/dev/mapper/dockervg-thinpool",
"dm.use_deferred_removal=true",
"dm.use_deferred_deletion=true"
],
"log-driver": "json-file",
"log-opts": {
"max-size": "1m",
"max-file": "10"
}
}
- 重启docker服务
[root@k8s001 ~]# systemctl daemon-reload
[root@k8s001 ~]# systemctl start docker
- 验证
[root@k8s001 ~]# docker info
Client:
Debug Mode: false
Server:
Containers: 33
Running: 32
Paused: 0
Stopped: 1
Images: 22
Server Version: 18.09.2
Storage Driver: devicemapper
Pool Name: dockervg-thinpool
Pool Blocksize: 524.3kB
Base Device Size: 10.74GB
Backing Filesystem: xfs
Udev Sync Supported: true
Data Space Used: 5.244GB
Data Space Total: 322.1GB
Data Space Available: 316.9GB
Metadata Space Used: 18.67MB
Metadata Space Total: 6.438GB
Metadata Space Available: 6.42GB
Thin Pool Minimum Free Space: 32.21GB
Deferred Removal Enabled: true
Deferred Deletion Enabled: true
Deferred Deleted Device Count: 0
Library Version: 1.02.149-RHEL7 (2018-07-20)
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
Volume: local
Network: bridge host macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
Swarm: inactive
Runtimes: runc nvidia
Default Runtime: runc
Init Binary: docker-init
containerd version: b34a5c8af56e510852c35414db4c1f4fa6172339
runc version: 3e425f80a8c931f88e6d94a8c831b9d5aa481657
init version: fec3683
Security Options:
seccomp
Profile: default
Kernel Version: 4.20.13-1.el7.elrepo.x86_64
Operating System: CentOS Linux 7 (Core)
OSType: linux
Architecture: x86_64
CPUs: 8
Total Memory: 15.66GiB
Name: k8s001.wf
ID: 62JF:3A6E:R7BO:R3DM:OKT3:S5JQ:ITT4:64XG:USB4:SJDT:ZNM2:NNKB
Docker Root Dir: /var/lib/docker
Debug Mode: false
Registry: https://index.docker.io/v1/
Labels:
Experimental: false
Insecure Registries:
127.0.0.0/8
Live Restore Enabled: false
Product License: Community Engine